Lucene search
K

25 matches found

Github Security Blog
Github Security Blog
added 2024/06/07 7:56 p.m.13 views

TYPO3 Denial of Service in Online Media Asset Handling

Online Media Asset Handling .youtube and .vimeo files in the TYPO3 backend is vulnerable to denial of service. Putting large files with according file extensions results in high consumption of system resources. This can lead to exceeding limits of the current PHP process which results in a...

7AI score
Exploits0References6Affected Software1
OSV
OSV
added 2024/06/07 7:56 p.m.9 views

GHSA-F3WF-Q4FJ-3GXF TYPO3 Denial of Service in Online Media Asset Handling

Online Media Asset Handling .youtube and .vimeo files in the TYPO3 backend is vulnerable to denial of service. Putting large files with according file extensions results in high consumption of system resources. This can lead to exceeding limits of the current PHP process which results in a...

6.5CVSS7AI score
Exploits0References6
Github Security Blog
Github Security Blog
added 2024/06/07 7:43 p.m.15 views

TYPO3 Cross-Site Scripting in Online Media Asset Rendering

Failing to properly encode user input, online media asset rendering .youtube and .vimeo files is vulnerable to cross-site scripting. A valid backend user account or write access on the server system e.g. SFTP is needed in order to exploit this vulnerability...

6.7AI score
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2024/05/30 3:33 p.m.14 views

TYPO3 Denial of Service in Online Media Asset Handling

Online Media Asset Handling .youtube and .vimeo files in the TYPO3 backend is vulnerable to denial of service. Putting large files with according file extensions results in high consumption of system resources. This can lead to exceeding limits of the current PHP process which results in a...

7AI score
Exploits0References5Affected Software1
OSV
OSV
added 2024/05/30 3:33 p.m.9 views

GHSA-29M4-MX89-3MJG TYPO3 Denial of Service in Online Media Asset Handling

Online Media Asset Handling .youtube and .vimeo files in the TYPO3 backend is vulnerable to denial of service. Putting large files with according file extensions results in high consumption of system resources. This can lead to exceeding limits of the current PHP process which results in a...

5.3CVSS7AI score
Exploits0References4
OSV
OSV
added 2024/05/30 2:48 p.m.9 views

GHSA-WG8H-GXF4-G4GH TYPO3 Cross-Site Scripting in Online Media Asset Rendering

Failing to properly encode user input, online media asset rendering .youtube and .vimeo files is vulnerable to cross-site scripting. A valid backend user account or write access on the server system e.g. SFTP is needed in order to exploit this vulnerability...

6.1CVSS6.7AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/12/17 12:0 a.m.9 views

FreeBSD : typo3 -- multiple vulnerabilities (bab29816-ff93-11e8-b05b-00e04c1ea73d)

Typo3 core team reports : CKEditor 4.11 fixes an XSS vulnerability in the HTML parser reported by maxarr. The vulnerability stemmed from the fact that it was possible to execute XSS inside the CKEditor source area after persuading the victim to: i switch CKEditor to source mode, then ii paste a...

4.8AI score
Exploits0References2
Friends Of PHP
Friends Of PHP
added 2018/12/11 9:56 a.m.13 views

Denial of Service in Online Media Asset Handling

More info at https://typo3.org/security/advisory/typo3-core-sa-2018-011...

7.2AI score
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2018/12/11 9:56 a.m.9 views

Cross-Site Scripting in Online Media Asset Rendering

More info at https://typo3.org/security/advisory/typo3-core-sa-2018-006...

7.2AI score
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2018/12/11 9:55 a.m.7 views

Denial of Service in Online Media Asset Handling

More info at https://typo3.org/security/advisory/typo3-core-sa-2018-011...

7.2AI score
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2018/12/11 9:55 a.m.11 views

Cross-Site Scripting in Online Media Asset Rendering

More info at https://typo3.org/security/advisory/typo3-core-sa-2018-006...

7.2AI score
Exploits0Affected Software1
Typo3
Typo3
added 2018/12/11 12:0 a.m.10 views

Denial of Service in Online Media Asset Handling

Online Media Asset Handling .youtube and .vimeo files in the TYPO3 backend is vulnerable to denial of service. Putting large files with according file extensions results in high consumption of system resources. This can lead to exceeding limits of the current PHP process which results in a...

6.6AI score
Exploits0Affected Software1
Typo3
Typo3
added 2018/12/11 12:0 a.m.15 views

Cross-Site Scripting in Online Media Asset Rendering

Failing to properly encode user input, online media asset rendering .youtube and .vimeo files is vulnerable to cross-site scripting. A valid backend user account or write access on the server system e.g. SFTP is needed in order to exploit this vulnerability...

6.5AI score
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2011/05/06 11:41 a.m.14 views

DragonBall Browser v1.0.0 ~ Browser For Hackers !

DragonBall Browser v1.0.0 Browser For Hackers ! Hey everyone, this is Harsh Daftary presenting new browser made for hacker's.. Browser purely made in vb, small yet fast browser. This includes hacking and programming zone's and some hacking tools.. Features: Windows Mail Online Media Player Hackin...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2011/01/13 3:11 p.m.14 views

High Profile Education, Government Sites Hacked

The Web sites of some of the nation’s top universities were discovered to be serving up links to bogus online stores offering everything from popular software by Microsoft to student visas and Viagra, according to a report from security firm zScaler. Portions of Websites belonging to Harvard...

0.1AI score
Exploits0References5
seebug.org
seebug.org
added 2008/06/01 12:0 a.m.31 views

NCTAudioInformation2 ActiveX控件栈溢出漏洞

CVECAN ID: CVE-2008-0959 NCTAudioInformation是Online Media Technologies(之前名为NCT公司)推出的用于更改声音文件中信息的ActiveX 控件,支持WAV、MP3、WMA等格式的文件。 NCTAudioInformation2控件(NCTAudioInformation2.dll)没有正确地处理GetAudioInformation和SetAudioInformation属性的参数,如果用户受骗访问了恶意网页并向这些参数传送了超长参数的话,就可以触发栈溢出,导致执行任意指令。 Online Media...

6.8CVSS6.4AI score0.05967EPSS
Exploits2
NVD
NVD
added 2008/05/29 4:32 p.m.14 views

CVE-2008-0959

Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll, as used in 1 Power Audio CD Grabber 1.0, 2 Power Audio CD Burner 1.02, 3 CinematicMP3 1.4.0.0, 4 Alive MP3 WAV Converter 3.9.3.2, and possibly other...

6.8CVSS7.9AI score0.05967EPSS
Exploits2References16
Prion
Prion
added 2008/05/29 4:32 p.m.13 views

Stack overflow

Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioGrabber2 ActiveX control in NCTAudioGrabber2.dll allow remote attackers to execute arbitrary code via unspecified vectors...

9.3CVSS8.4AI score0.07729EPSS
Exploits1References9
Prion
Prion
added 2008/05/29 4:32 p.m.17 views

Stack overflow

Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll, as used in 1 Power Audio CD Grabber 1.0, 2 Power Audio CD Burner 1.02, 3 CinematicMP3 1.4.0.0, 4 Alive MP3 WAV Converter 3.9.3.2, and possibly other...

6.8CVSS8.5AI score0.05967EPSS
Exploits2References16Affected Software4
CVE
CVE
added 2008/05/29 4:0 p.m.51 views

CVE-2008-0959

CVE-2008-0959 affects Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control (NCTAudioInformation2.dll). The vulnerability consists of multiple stack-based buffer overflows when handling GetAudioInformation() and SetAudioInformation() parameters, enabling remote code execution via...

6.8CVSS7.9AI score0.05967EPSS
Exploits2References16Affected Software6
Rows per page
Query Builder